Ancestry.com Is Latest Victim of DDoS Attack: Who's Next?
Although I'm not 100 percent certain (and Akamai declined to comment to eWEEK on any specific customers it may have), I suspect that the Akamai/Prolexic technology is now in place as a key part of the technology that is protecting Ancestry.com for any ongoing DDoS attacks. In modern DDoS attacks, the biggest challenge is bandwidth and massive attack volume that no single Website can typically handle on its own. What a provider like Akamai delivers is massive bandwidth and the ability to absorb and mitigate the massive traffic floods. Motivation The other piece of the puzzle in the Ancestry.com attack is motivation. Why would anyone bother to attack the site in the first place?Another typical motivation for DDoS is to use the attack as a cover for a data breach attack that aims to gain access to financial and user information. In a blog post, Ancestry.com CTO Scott Sorensen specifically noted that user data was not compromised by the attack. Then again, sometimes attackers execute DDoS just because they can. For end users, there is little they can do when a DDoS attack impacts a site, other than wait while the site turns up the bandwidth and partner with a security vendor, as likely occurred in the case of Ancestry.com. The other thing end users should always be doing is staying vigilant with regard to their personal and financial information. Although there is no indication that any data was lost or compromised as a result of the Ancestry.com attack, there is no harm in resetting passwords as a good best practice. Unfortunately, the scourge that is DDoS is not going away and likely will only intensify in 2014. Thankfully though, there are technology solutions and vendors in the market that can help those under attack and at risk respond and repel attacks. Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
On June 11, feed reading service Feedly was hit by a DDoS attack that was motivated by a specific purpose—money. In the Feedly incident, the hackers specifically were trying to extort money from the site in order to stop the DDoS. At this point in the Ancestry.com DDoS, there is no indication that any attempt to extort money is involved.